RECon2006

Spoonm - IDARub

IDAPython has made a big splash, by embedding the python interpreter
as an IDA plugin, and wrapping the IDA SDK for access from python
code. I think this was a great idea to allow more rapid development
of IDA plugins, and to help write advanced plugins easier. However, I
found a few draw backs with IDAPython. Besides preferring a language
besides python, I think the plugin architecture could be improved
upon, and brought to be network based. I also think that building
some higher level classes that wrap the IDA SDK less tightly help to
take a lot of the difficulty out of using the IDA SDK, and make it
more intuitive to the typical style of interpretive programming.

IDARub is an IDA plugin that wraps the IDA SDK for access from the
Ruby programming language, and exposes these APIs on the network.
There is also client side Ruby classes to abstract and expand on the
IDA SDK operations. This design attempts to make programming with the
IDA SDK easier and more intuitive, and attempts to improve integration
with existing and future tools.